﻿CREATE PROCEDURE [dbo].[User_UpdatePassword]
	@email nvarchar(256)
	,@passwordHash nvarchar(128)
	,@passwordSalt nvarchar(128)
AS
BEGIN
	DECLARE @userHashCode varchar(32)

	SET @userHashCode = CAST([dbo].[RandString](32) AS VARCHAR(32))
	WHILE EXISTS (SELECT * FROM [dbo].[user_User] WHERE [HashCode] = @userHashCode)
	BEGIN
		SET @userHashCode = CAST([dbo].[RandString](32) AS VARCHAR(32))
	END


	SET @email = LOWER(@email)
	IF EXISTS (SELECT * FROM [dbo].[user_User] WHERE Email = @email)
	BEGIN
		UPDATE [dbo].[user_User]
				SET [HashCode] = @userHashCode
					,[PasswordHash] = @passwordHash
					,[PasswordSalt] = @passwordSalt
					,[ActivityDate] = GETDATE()
			WHERE Email = @email 
			SELECT @userHashCode AS 'UserHashCode'

			RETURN
	END
	ELSE
	BEGIN
		RAISERROR ('EmailNotExist',9,1)
		RETURN
	END

END